<?php

class AuthController extends Zend_Controller_Action 
{
    function init() 
    {
        // Initialize the view
        $this->initView();
        // Store the base url for the current request in the view
        $this->view->baseUrl = $this->_request->getBaseUrl();    
    }
    
    function indexAction() 
    {    
        // Anyone requesting this controller will be redirected
        $this->_redirect('/');
    }
    
    function logoutAction()
    {
        // Logout
        $auth = Zend_Auth::getInstance();
        $auth->clearIdentity();
        $auth->getStorage()->clear();
        $this->_redirect('/auth/logged-out');
    }
    
    function loggedOutAction()
    {
        
    }
    
    function loginAction()
    {
        // Default is to redirect to /
        $redirect = "/";
        
        // See if a redirect should be issued if the user is logged in.
        if ($this->_request->get("redirect")) {
            $redirectUrl = urldecode($this->_request->get("redirect"));
            // Only redirect to a url on this site
            if (strpos($redirectUrl, "/") === 0) {
                $redirect = $redirectUrl;
            }
        } 
        
        // Dont show the form if the user is logged in
        if (Zend_Auth::getInstance()->hasIdentity()) {
            $this->_redirect($redirect);
        }
        
        if ($this->_request->isPost()) {
            // Filter the input
            $f = new Zend_Filter_StripTags();
            $username = $f->filter($this->_request->getPost('username'));
            $password = $f->filter($this->_request->getPost('password'));
            $rememberMe = $this->_request->getPost('remember_me') ? true : false;

            // Setup the auth adapter
            $db = Zend_Registry::getInstance()->database;
            $authAdapter = new Zend_Auth_Adapter_DbTable($db);
            $authAdapter->setTableName('users');
            $authAdapter->setIdentityColumn('username');
            $authAdapter->setCredentialColumn('password');
            $authAdapter->setCredentialTreatment('SHA1(?)');

            // Set the input credential values to authenticate against
            $authAdapter->setIdentity($username);
            $authAdapter->setCredential($password);

            // do the authentication
            $auth = Zend_Auth::getInstance();
            $result = $auth->authenticate($authAdapter);

            if ($result->isValid()) {
                // success: store database row to auth's storage
                // system. (Not the password though!)
                if ($rememberMe) Zend_Session::rememberMe(60*60*24*365);
                    
                $data = $authAdapter->getResultRowObject(null, 'password');
                $auth->getStorage()->write($data);
                $this->_redirect($redirect);
            } else {
                // failure: clear database row from session
                $this->view->message = 'Login failed.';
                $auth->getStorage()->clear();
            }
        }
    }
}